About this Course
This course is designed for managers or risk owners who wish to develop their skill and competence in Information Security management, as well as those currently working as practitioners in Information Technology or Information Security who wish to begin developing their skills into the realm of strategy and risk management. This course is also suitable for those commencing a programme of Information and Cyber Security improvement.
This course is intended to deliver an understanding of Information Security management issues including the management of risk, security standards, relevant legislation and business continuity planning.
The course covers strategic considerations for establishing an Information Security programme including a high-level understanding of cyber security technical requirements.
Aims & Objectives
The course aims to give you strategic knowledge of Information Security management. You will:
- Have knowledge of the concepts of Information Security (IS) management
- Understand at a strategic level the relevant UK and global legislative and regulatory standards for IS
- Recognise the value of IS Management Systems and frameworks in implementing IS
- Be able to identify key technical controls and strategies for delivering IS
- Be capable of commencing business continuity planning for IS
Session 1: Information Security Management
- Key concepts of IS management
- Information Security
- Cyber Security
- Information Assets
Session 2: Threat, Risk and Harm
- Information Risk
- Threats against IS
- Assessing Risk and Harm
- Applying Controls
- Policy related controls
- People considerations
Session 3: Controlling Risk
- Technical controls for IS
- Training Staff
- Developing further
Session 4: Business Continuity
- IS and Business Continuity
- Cyber Security Incident Response
- Developing a plan
About the Trainers
This course is delivered by Jez Rogers and Andy Rawlinson. Read more about the trainers on our profile page.
Frequently Asked Questions:
Do I get a qualification?
A certificate of attendance is provided. This course is an excellent foundation for going on to take the British Computer Society’s Certificate in Information Security Management Principles (CISMP), which is delivered in a 5-day course.
Is this course technical?
There is a high level of technical information, relevant to a strategic and managerial understanding of the technical controls involved. The qualified trainers are experienced in ensuring that technical information is delivered in an understandable manner for non-technical audiences.
Who is this course for?
For anyone who has a responsibility or a desire to improve information security. This course is for people who can take decisions and make changes, or inform and influence those who can do so. It is also for those currently working at a practitioner level who wish to begin the journey into the world of security and risk management.
How is this course delivered?
This course is delivered with live instruction by both Jez Rogers and Andy Rawlinson.
The day runs from 09:00 to 17:00:
09:00-10:40 – Open, Session 1
10:40-11:00 – Break
11:00-12:30 – Session 2
12:30-13:15 – Lunch
13:15-15:15 – Session 3
15:15-15:30 – Break
15:30-17:00 – Session 4, Close
This course can be delivered virtually over Zoom or MS Teams, or in a training venue of your choice. If desired, we can source a training venue at cost.